Beware of this "Paypal is Restricted" Text Phishing Scam
We’ve blogged previously about phishing emails doing the rounds pretending to be Paypal, but this morning one of our Directors got sent this text message which, at a quick glance at least, looked fairly genuine:
If you click the link you then get sent to this page, which also looks fairly genuine:
However, this is a phishing scam designed to steal your PayPal user name and password, which can then be used to rack up spending on your account.
Phishing is any attempt made to steal your personal data by impersonating a genuine or trusted source.
Click on the link below for information for how you can protect yourself from Phishing Emails with our Active Email Threat Prevention. Or alternativly ask us for more information.
The Golden Rule
We’ll look at how you might identify that this is a scam text in a moment, but let’s first reiterate the golden rule when it comes to emails asking you to take action on your account:
NEVER CLICK THE LINK – JUST LOG IN TO YOUR ACCOUNT.
Don’t click the link, just log in as normal.
You should follow this rule whether the email or text is genuine or not.
Reputable companies know that email and text scamming is an issue, so if they want you to take any action on your account, they’ll tell you in your dashboard once you log in. Yes, they might send you a reminder as well, and include a link to make it easier to jump straight to the right page, but as scammers get better and better, telling a real from a fake message will get harder and harder.
So don’t take the risk – don’t click the link.
How do we know this text is fake?
Phishing scammers play on the fact that most people lead busy lives. Most people just scan messages that come in, and if it looks OK at first glance, will click the link. Because of this, they don’t always have to look 100% genuine. However, there are usually signs if you take the time to look critically at the message.
1. Phone number.
These scammers clearly know that a foreign phone number will automatically attract the attention of a UK recipient, so they’ve used, or spoofed a UK number. However, any name or number can be spoofed, so who the text appears to have come from should never be taken as proof of authenticity.
2. Link Address.
This is where the scammers have been clever in this case. People are starting to be more aware of website addresses that are not exactly right, such as paypalbills.com or pay-pal.co.uk etc…
At first glance, however, this link appears to be from Paypal’s genuine UK domain of paypal.co.uk.
However, if you look carefully, they aren’t slashes after paypal.co.uk, they are dots. What this means in web grammar is that the actual domain name here is ds8q.top and the paypal.co.uk has been created as a subdomain of this domain. Subdomains are always to the left of the main domain, separated by dots. Slashes are always to the right of the main domain (aside from the ones in https://) and indicate different pages or sections of that particular site. If this was a genuine Paypal link it would appear as http://paypal.co.uk/ds8q/top.
3. Security certificate.
A bit sloppy this one, but the link isn’t to a secure site, so uses http:// instead of https://.
Every reputable site that carries your payment details should be using https, and because Google and others are now giving more credibility to sites that carry security certificates regardless of whether they are used for financial transactions or not, pretty much every reputable website should now carry an https prefix. You should be suspicious of any unsolicited link you receive using an http prefix.
This attempt at fraud is just one of the many thousands that are bouncing around every day, from simple attempts to steal personal data to attempts to seize and control your vital IT assets for financial gain (or just to be malicious, in some cases).
If your business hasn’t taken serious steps to mitigate the effects of online criminal activity, it’s really important that you do so.
Our Security Essentials package starts from just £5 per device, per month and includes business-grade antivirus, anti-malware and real-time threat detection software.
If you’re now sure what to do or what the costs might be, just get in contact with us and we’ll guide you through and find the best options for your setup and budget.
The Willows School
Jordan always goes above and beyond no matter how crazy an idea we have or how quickly something needs doing.
Chris, Kelham Hall
Another 5 star Job from One2Call’s top man.
Paul D, AJ Marshall
Can contact support quickly, & visiting engineers communicative & polite/friendly.